Here's a situation I recently had to deal with, and I'd be interested to hear how other admin would handle it.

The ownership of a character had recently changed hands. The original owner claimed that the new owner had guessed his password. The new owner claimed that the original owner had given him the character, and now wanted it back due to a personal dispute.

Strange you should mention that. Another case I once had to deal with regarded two players who shared a character. The players had a falling out, so one of them asked me if I could clone the character and give them a copy each...

Well, no idea what you should do in response to this situation, but it suggests a prudent item in the MUD's TOS. Something like:

Except in a clear case of our servers being hacked, possession of the password for a character constitutes possession of the character. Choose and maintain a secure password.

Now, that could raise some difficult questions if you don't have an encrypted authentication system or required e-mail verification for account changes. Obviously passwords sent over telnet can be easy to acquire.

Probably accomodated whoever I considered credible, if anyone (and spent the rest of my life listening to the other guy screaming 'FAVORITISM!'), and if I knew nothing about either of them, left the status quo in place, then created some kind of formal transfer process (probably based on email, which would need to have not been recently changed) without which a transfer isn't considered valid.

My vague feeling is that account systems would tend to help with this, since it's more reasonable to secure them more aggressively than the usual character=account setup, and the case can be made that there's never any legitimate reason for the overall account to be transferred rather than an individual character.

As an immortal, and admin, I was taught fairly early on, that immortals and admins, will only deal with problems which require immortal intervention upon.

Said case is clearly a mortal problem, and thus, should be treated like one.

Was person A silly for having a guessable password, yes. Did they share the password, no idea, but, if the person B did not bounce back 100+ failed password attempts, then it was obviously a mortal problem.

Now, had person B used brute force to gain access to the password, and failed miserably with a long log of errors, then it 'might' be an immortal issue, but to error on the side of caution, it is obviously the dilemma for the people who play the character to deal with, and not one to be pestered to the mud administration.

But, since, it revolves around a character (who is obviously not immortal), and who cannot be split in half, I would always side with the obvious, who ever has the password owns the character.